[wp-trac] [WordPress Trac] #24564: wp_insert_post checks permissions of the current user, not the author
WordPress Trac
noreply at wordpress.org
Wed Jun 12 04:23:41 UTC 2013
#24564: wp_insert_post checks permissions of the current user, not the author
--------------------------+------------------------
Reporter: rmccue | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version:
Severity: normal | Resolution: duplicate
Keywords: |
--------------------------+------------------------
Comment (by nacin):
#19373 (as a new level of API, realistically) is the preferred path
forward. The change proposed here actually has security issues with it.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24564#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list